• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1373
  • Last Modified:

Use GPO to lock down USB CDROM drives

I am trying to lock down USB and CDROM Drives with GPO. I went to http://support.microsoft.com/kb/555324 copied and pasted the contents into a text document. Then, renamed the file with a .adm extension. Opened group policy management and created a new object called USB lock down.

Next, went to edit mode on the new object, and under computer config, right clicked admin templates and added the usblockdown.adm. After this process the template shows up in the add remove template window.

So my question.....is this the correct process? Also, after the template is added where can I modify the settings for it? I am unsure where to navigate to.

Thank you in advance
  • 2
1 Solution
Yes, this is correct so far.

To continue, in the policy, navigate to Computer Configuration, Policies, and right-click on Administrative Templates. Select "Filter Options..." and uncheck the box marked "Only show policies that can be fully managed". In 7/2008+, this may be displayed as a drop-down box. Change it to "Any".

The new USB policies will be displayed within Administrative Templates.

Good luck!
dwesolowiczAuthor Commented:
Thanks for the reply! I tried what you said, unchecked the box and the policy is now showing under Custom Policy Settings.

Thanks Again!
Great! I'm a group policy nerd :) If the works out for you please go ahead and close out the question.


Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now